Skip to content
1.8.2 and older VPN keys broken
Got a problem with Viscosity or need help? Ask here!
- Posts: 2
- Joined: Thu Nov 21, 2019 1:37 am
Hello,
One of our users upgraded to Viscosity 1.8.2 and now his certificate is no longer accepted by Viscosity. The error we get in the log says
Thanks a bunch!
Dave
One of our users upgraded to Viscosity 1.8.2 and now his certificate is no longer accepted by Viscosity. The error we get in the log says
Code: Select all
My research indicated that we need to update the VPN keys to use a supported hashing algorithm. That is in the works (it is non trivial with hundreds of users). Is there a way to get Viscosity 1.8.2 to accept our current keys until we have our new OpenVPN server in place?Nov 18 10:41:58 AM: Server reachable. Connecting to 54.224.78.184:1194:udp.
Nov 18 10:41:58 AM: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Nov 18 10:41:59 AM: OpenSSL: error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak
Nov 18 10:41:59 AM: Exiting due to fatal error
Nov 18 10:41:59 AM: Cannot load certificate file C:\Users\user\AppData\Roaming\Viscosity\OpenVPN\2\user.crt
Thanks a bunch!
Dave
Hi Dave,
You can try the temporary fix listed in the following forum post, however please note we haven't tested it for local certificates:
https://www.sparklabs.com/forum/viewtopic.php?f=3&t=2781#p8426
Cheers,
James
You can try the temporary fix listed in the following forum post, however please note we haven't tested it for local certificates:
https://www.sparklabs.com/forum/viewtopic.php?f=3&t=2781#p8426
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
2 posts
Page 1 of 1